<?php

include '../../init.php';

// 修改数据
$uid    = $_SESSION['uid'];
$method = $_POST['method'];

// 修改普通信息
if ($method == 'update_base_info'){
	$alias     = $_POST['alias'];
	$gender    = $_POST['gender'];
	$birthyear = strtotime($_POST['birthyear']);
	$truename  = $_POST['truename'];
	$address   = $_POST['address'];
	$sql  = "UPDATE `userinfo_tb` SET alias='".$alias."',gender=".$gender.", birthyear=".$birthyear;
	$sql .= ", truename='".$truename."', address='".$address."' WHERE uid=".$uid;
	$arr  = array();
	if (!my_mysql_query($sql, $arr)){
		show_msg(1, '修改个人信息失败', 3, '../../index.php?uid='.$uid);
		exit();
	}
	
	setSessionForKey($_POST);

	show_msg(0, '修改个人信息成功', 1, './index.php?uid='.$uid);
	exit();
}

// 修改密码,邮箱,安全问题
if ($method == 'update_safe_info'){
	
	$post_oldpwd = $_POST['oldpass'];
	$post_newpwd = $_POST['newpass'];
	$db_pwd      = $_SESSION['password'];
	// 旧密码好使
	if ((md5($post_oldpwd) != $db_pwd) || empty($post_oldpwd) || empty($post_newpwd)){
		show_msg(1, '密码输入错误');
		exit();
	}
	$sql = "UPDATE `login_tb` SET password='".(md5($post_newpwd))."' WHERE uid=".$uid.' ;';
	$arr = array();
	if (my_mysql_query($sql, $arr) === false){
		show_msg(1, '修改安全设置失败', 30);
		exit();
	}
	
	$qid    = $_POST['qid'];
	$email  = $_POST['email'];
	$answer = $_POST['answer'];
	$sql = "UPDATE `userinfo_tb` SET email='".$email."', qid=".$qid.", answer='".$answer."' WHERE uid=".$uid.' ;';
	$arr  = array();
	if (my_mysql_query($sql, $arr) === false){
		show_msg(1, '修改安全设置失败', 30);
		exit();
	}
	$_SESSION['password'] = md5($post_newpwd);
	show_msg(0, '修改安全设置成功',1);
	exit();
}

// 修改头像
if ($method == 'update_avatar_info'){
	
	$info = execute_file($_FILES['avatar'], true);
	if ($info === false){
		show_msg(1, '修改头像失败');
		exit();
	}
	
	$sql  = "UPDATE `userinfo_tb` SET avatarid=".$info['insertid']." WHERE uid=".$uid.' ;';
	$arr  = array();
	if (!my_mysql_query($sql, $arr)){
		show_msg(1, '修改头像失败');
		exit();
	}

	show_msg(0, '修改头像成功');
	exit();
}


// 用户禁言
// 不用判断管理员,都看不到页面,除非猜中接口
if ($method == 'shutUp'){
	// 需要重新去uid
	$uid  = $_POST['uid'];

	$sql  = "UPDATE `login_tb` SET isStop=1 WHERE uid=".$uid.' ;';
	$arr  = array();
	if (!my_mysql_query($sql, $arr)){
		show_msg(1, '禁言失败');
		exit();
	}

	show_msg(0, '禁言成功,要解除禁言需要后台管理',3);
	exit();
}

// 用户被冻结